package com.test.auth_db_auto.auth_sms;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;

import java.util.Collection;

/**
 * @ Author: .Mr
 * @ ClassName SmsCodeAuthenticationToken
 * @ Description TODO
 * @ date 2022/1/4 17:25
 * @ Version 1.0
 */
public class SmsCodeAuthenticationToken extends AbstractAuthenticationToken {

    private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

    private final Object principal;

    private String password;
    private String examine;


    public SmsCodeAuthenticationToken(String mobile,String password,String examine){
        //因为刚开始并没有认证，因此用户没有任何权限，并设置没有认证的信息(setAuthenticated(false))
        super(null);
        //这里的principal就是手机号
        this.principal=mobile;
        this.password=password;
        this.examine=examine;
        setAuthenticated(false);
    }

    public SmsCodeAuthenticationToken(Object principal,Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal=principal;
        super.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return null;
    }

    @Override
    public Object getPrincipal() {
        return this.principal;
    }


    public String getPassword(){
        return this.password;
    }

    public String getExamine(){
        return this.examine;
    }

    public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException{
        if(isAuthenticated){
            throw new IllegalArgumentException(
                    "Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead");
        }

        super.setAuthenticated(false);
    }

    @Override
    public void eraseCredentials() {
        super.eraseCredentials();
    }
}
